It seems Target wasn’t the only target.
Over the weekend, Irving, Texas-based Michaels Stores disclosed that it was investigating a potential security breach involving customers’ credit card information.
The arts-and-crafts retailer said it was looking into reports of fraudulent activity on credit cars belonging to its customers. However, the company stopped short of confirming that a security breach had taken place, nor did it say how many credit cards were potentially compromised.1
Unfortunately, if a cyber attack did happen, it wouldn’t be the first time for the operator of 1,259 stores across the US. Three years ago, Michaels revealed that cyber thieves had tampered with debit-card processing equipment at roughly 80 stores, where improperly altered PIN pads allowed thieves to skim debit card data and steal personal identification numbers that were then used to create duplicate cards.
Even more unfortunate, this latest development would mark the third major chain to acknowledge it was a victim of a cyber assault by hackers into customers’ financial information.
Target recently announced that 40 million debit and credit card accounts had been affected in its ambush, and Neiman Marcus said last week that 1.1 million accounts had potentially been exposed. In those cases, software was slipped into the retailers’ systems to quietly scrape card data.
According to the New York Times, the breaches at Neiman Marcus and Target are believed to have been perpetrated by the same group of criminals in Eastern Europe, and are thought to be part of a broader cyber attack directed at as many as six other retailers.2
For these corporate victims as well as future targets, the best hope for defense is a security system that is smarter than the hackers, not an easy or inexpensive goal to achieve.
Interestingly, cyber security investments, primarily the stocks of companies that make security software, have generally been one of the few equity-based assets to perform well so far in 2014.
The Cyber Security motif, for example, has gained 7.3% in the past 30 days. During that same time frame, the S&P 500 has lost 2.5%.
In the last 12 months, the motif has increased 48%; the S&P 500 has increased 21.4%.
Of course, if investors have grasped the big-picture idea that the cyber security sector could be entering a high-demand phase, it’s possible that America’s companies might be doing the same – and this is hardly confined to retailers. Witness the news earlier this week that Lockheed Martin said that it would partner with EMC Corp. to invest in “advanced technology projects,” including cyber security, in a new Israeli technology park.3
That announcement comes ahead of Israel’s first cyber-security conference, meant to promote the country as a hub of digital security.
While the world’s cyber criminals may not yet be running scared, future growth in cyber security demand – and products – isn’t difficult to imagine.
1Andrew Dowell, “Michaels Warns of Possible Data Breach,” WSJ.com, Jan. 26, 2014.
2Nicole Perlroth, “Michaels Stores Is Investigating Data Breach,” nytimes.com, Jan. 25, 2014, http://www.nytimes.com/2014/01/26/technology/michaels-stores-is-investigating-data-breach.html?_r=0.
3Niv Ellis, “Lockheed Martin announces investment in Israeli cyber security,” jpost.com, Jan. 26, 2014, http://www.jpost.com/Business/Business-Features/Lockheed-Martin-announces-investment-in-Israeli-cyber-security-339388.